State Cybersecurity Funding: Memo From Governors to Congress
The recent spate of ransomware attacks on states, cities and municipalities has sparked governors to push Congress for more legislation to shore up their systems and protect their constituents from cyber attackers.
Slowly but surely states are receiving more financial help to buck up their cybersecurity profiles. Late last year, federal legislators hammered out a budget deal to provide states with $425 million in grants to improve their election machinery. Now a clarion call by the National Governors Association (NGA), the venerable group of 55 governors of states, territories and commonwealths, is urging Congress to pass legislation for dedicated cybersecurity grants to upgrade their states’ cybersecurity profiles.
Specifically, the NGA is urging Congress to pass legislation this year,–including S.1065/H.R. 2130, the State Cyber Resiliency Act; S.1846, the State and Local Government Cybersecurity Act of 2019; and, H.R 5823, the State and Local Cybersecurity Improvement Act–to authorize dedicated grant funding for states and localities to help improve their preparation, response and recovery efforts related to cyber incidents.
“Governors and states are at the forefront of cybersecurity, which is a collective responsibility and one of their most important priorities when it comes to protecting people and systems,” said Jeff McLeod, director of NGA’s Homeland Security & Public Safety team. “We know that effective strategies to prevent and recover from cyberattacks involve all levels of government, including local partners, as well as partners in the private sector.”
In mid-January, the NGA and the National Association of State Chief Information Officers (NASCIO) released Stronger Together: State and Local Cybersecurity Collaboration, a report on programs designed to strengthen local partnerships in cybersecurity. The report was prompted by the high number of ransomware attacks that have hit state, county and local level public and private organizations.
In 2019, the U.S. was hit by an unprecedented onslaught of ransomware attacks that hit at least 966 government agencies, educational establishments and healthcare providers at a potential cost in excess of $7.5 billion. Roughly 113 of the victimized organizations were municipal governments and agencies, according to an Emsisoft report. Click here to see a partial list of cities, towns and government organizations that have been hit by ransomware attacks.
Governors aren’t alone in calling for more money and programs to protect their flanks from hackers. Last July, the U.S. Conference of Mayors has unanimously resolved to no longer accede to any ransom demands from hackers, following a series of cyber shakedowns that have extorted millions from city governments.